src/infrastructure/util/PhabricatorHash.php
| Show All 29 Lines | final class PhabricatorHash extends Phobject { | ||||
| */ | */ | ||||
| public static function digestPassword(PhutilOpaqueEnvelope $envelope, $salt) { | public static function digestPassword(PhutilOpaqueEnvelope $envelope, $salt) { | ||||
| $result = $envelope->openEnvelope(); | $result = $envelope->openEnvelope(); | ||||
| if (!$result) { | if (!$result) { | ||||
| throw new Exception('Trying to digest empty password!'); | throw new Exception('Trying to digest empty password!'); | ||||
| } | } | ||||
| for ($ii = 0; $ii < 1000; $ii++) { | for ($ii = 0; $ii < 1000; $ii++) { | ||||
| $result = PhabricatorHash::digest($result, $salt); | $result = self::digest($result, $salt); | ||||
| } | } | ||||
| return $result; | return $result; | ||||
| } | } | ||||
| /** | /** | ||||
| * Digest a string for use in, e.g., a MySQL index. This produces a short | * Digest a string for use in, e.g., a MySQL index. This produces a short | ||||
| ▲ Show 20 Lines • Show All 61 Lines • ▼ Show 20 Lines | public static function digestToLength($string, $length) { | ||||
| // We could conceivably return the string unmodified if it's shorter than | // We could conceivably return the string unmodified if it's shorter than | ||||
| // the specified length. Instead, always hash it. This makes the output of | // the specified length. Instead, always hash it. This makes the output of | ||||
| // the method more recognizable and consistent (no surprising new behavior | // the method more recognizable and consistent (no surprising new behavior | ||||
| // once you hit a string longer than `$length`) and prevents an attacker | // once you hit a string longer than `$length`) and prevents an attacker | ||||
| // who can control the inputs from intentionally using the hashed form | // who can control the inputs from intentionally using the hashed form | ||||
| // of a string to cause a collision. | // of a string to cause a collision. | ||||
| $hash = PhabricatorHash::digestForIndex($string); | $hash = self::digestForIndex($string); | ||||
| $prefix = substr($string, 0, ($length - ($min_length - 1))); | $prefix = substr($string, 0, ($length - ($min_length - 1))); | ||||
| return $prefix.'-'.$hash; | return $prefix.'-'.$hash; | ||||
| } | } | ||||
| } | } | ||||
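Review bot: In digestPassword the guard `if (!$result)` tests truthiness, so the one-character password `0` is rejected with "Trying to digest empty password!" just like a genuinely empty string, because PHP treats the string "0" as false. Assuming openEnvelope() returns the raw password string, an explicit length test such as `if (!strlen($result)) {` would reject only the empty case. Separately, the 1000-round count in the loop is a bare literal; a comment such as `// Fixed at 1000 rounds: changing this changes every digest this method produces.` would warn maintainers against adjusting it casually. The method's docblock and the body of digest() lie outside the visible lines, so whether that round count is an adequate work factor cannot be judged from this section.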